package cn.initcap.security;

import cn.initcap.authorize.AuthorizeConfigProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;

/**
 * 自定义访问权限
 * 可以查询数据库进行初始化
 *
 * @author initcap
 * @date Created in 2018/5/19 PM9:46.
 */
@Component
public class DemoAuthorizeConfigProvider implements AuthorizeConfigProvider {

    @Override
    public boolean config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
        config.antMatchers("/demo.html")
                .hasRole("ADMIN");
        return true;
    }
}
